parsivori / simplesamlphp

Automatically exported from code.google.com/p/simplesamlphp

scopes in metadata can never be regexp="true" #575

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. add scope => array('example.org','example\.(com|net)$') to metadata/saml20-idp-hosted.php
2. view the generated metadata at http://host/simplesaml/saml2/idp/metadata.php?output=xhtml

What is the expected output? What do you see instead?

    <md:Extensions>
      <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0"
                    regexp="false">example.org</shibmd:Scope>
      <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0"
                    regexp="true">example\.(com|net)$</shibmd:Scope>
    </md:Extensions>

but regexp="false" in both instances. 

What version of the product are you using? On what operating system?
HEAD

Please provide any additional information below.
The attached patch determines whether the string is a regex or not and sets the value to true (by checking whether $ ^ ( ) * | \ exist in the scope).

While it is true that the string "simplesamlphp.org" is a domain and a regex, it would be better to write it as ^simplesamlphp\.org$ or even simplesamlphp.org$, and thus only boundary conditions, escape characters or characters that are invalid in a domain name are used in the check.

Original issue reported on code.google.com by schofi...@terena.org on 17 Oct 2013 at 9:52

Attachments:

GoogleCodeExporter commented 8 years ago
The check for whether it looks like a regex shouldn't be in the XML serialization classes, but rather wherever the SAML2_XML_shibmd_Scope objects are initialized. (The XML serialization classes should avoid changing the data in any significant way.)

Original comment by olavmrk@gmail.com on 18 Oct 2013 at 6:10

GoogleCodeExporter commented 8 years ago
Test now in SAMLBuilder.php rather than defaulting to FALSE.

Original comment by schofi...@terena.org on 18 Oct 2013 at 10:00

Attachments:

GoogleCodeExporter commented 8 years ago
Thanks! Committed as r3281.

Original comment by olavmrk@gmail.com on 18 Oct 2013 at 10:35
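
The character check described in the report, applied at the point where the scope elements are built rather than during serialization. This is an added example, not the attached patch or the code committed as r3281; the function names `scopeLooksLikeRegexp` and `buildScopeExtensions` are hypothetical, and only PHP's standard DOM extension is used.

```php
<?php
// Added illustration; not SimpleSAMLphp code. Function names are hypothetical.

const SHIBMD_NS = 'urn:mace:shibboleth:metadata:1.0';
const MD_NS     = 'urn:oasis:names:tc:SAML:2.0:metadata';

/**
 * Heuristic from the report: treat a scope as a regular expression when it
 * contains any of $ ^ ( ) * | \ (none of which can occur in a plain DNS
 * name). A bare "." is deliberately not a trigger, so "example.org" stays
 * a literal scope.
 */
function scopeLooksLikeRegexp(string $scope): bool
{
    return strpbrk($scope, '$^()*|\\') !== false;
}

/**
 * Build an <md:Extensions> element with one <shibmd:Scope> per entry.
 * The regexp flag is decided here, before serialization, so the XML
 * layer only writes out what it is given.
 */
function buildScopeExtensions(array $scopes): string
{
    $doc = new DOMDocument('1.0', 'UTF-8');
    $doc->formatOutput = true;
    $ext = $doc->createElementNS(MD_NS, 'md:Extensions');
    $doc->appendChild($ext);

    foreach ($scopes as $scope) {
        $el = $doc->createElementNS(SHIBMD_NS, 'shibmd:Scope');
        // Use a text node so characters such as & or < in a pattern
        // are escaped by the DOM instead of breaking the document.
        $el->appendChild($doc->createTextNode($scope));
        $el->setAttribute('regexp', scopeLooksLikeRegexp($scope) ? 'true' : 'false');
        $ext->appendChild($el);
    }
    return $doc->saveXML($ext);
}

// The two scopes from the reproduction steps above.
echo buildScopeExtensions(['example.org', 'example\.(com|net)$']), "\n";
```

With this character set, a pattern that uses only `.`, `+`, `?` or `[...]` is still emitted with regexp="false", so such scopes need an explicit anchor or escape to be flagged.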